Which three elements are part of SSH Events in Host Observations? (Choose three.)
Which three elements are part of SSH Events in Host Observations? (Choose three.)
The correct elements that are part of SSH Events in Host Observations include User, Process path, and Command. 'User' is relevant because it helps identify who is initiating the SSH session. 'Process path' is important as it provides information about where the process is being executed from, which is crucial for monitoring and security purposes. 'Command' shows what specific commands are being run in SSH sessions, critical for detecting malicious activities. 'Startup process' and 'System calls' are not directly related to the SSH Events in Host Observations.
BDE https://docs.paloaltonetworks.com/prisma/prisma-cloud/22-12/prisma-cloud-compute-edition-admin/runtime_defense/runtime_defense_hosts
D --> Alert/prevent processes by path E --> The SSH events tab shows ssh commands run in interactive sessions, limited to 100 events per hour. B --> Detect binaries created by a user without a package manager